port security action on 3750 - requesting new feature maybe :)
Hi, I was wondering if there is a workaround to have a mac access-list bond to a port security violation action
our need is the following: we have a range of 10 mac addresses that can use any port on the 3750, we only want to allow those ones yet we also need to tak action if a denied mac appears on any port of the switch.
the only work around I found is to basically go into a port-rage mode and list all the allowed mac addresses under all the ports of the switch. I would also add to that a port violation action. did not test it but should work. problem is, it would be a huge config.
I did read that we can create a mac access list and then bind that mac to physical ports wich will actually simplify our solution yet I did not find a way to bind the mac list with a port violation action.
As you said you can do this by using port-security with default action shutdown, by allowing specfic 10 mac-addresses per port or if shutting the port is not neccessary then by simply using VLAN filter by calling vlan access-maps which will allow only those 10 mac addresses to communicate on that VLAN and silently drop other hosts.
Hi Guys, I have two questions about EIGRP behavior when we have Multiple EIGRP routes: 1- I tried to show on some router the acquired EIGRP paths for a route X.X.X.X by typing the command : "show ip eigrp topology X.X.X.X". On the output there w...
[ The Discussion forum will be published on December 1st ]
Take the opportunity to reach out to our expert and discuss best practices regarding on how to troubleshoot a live network and identify the root cause easily. Learn more about Serviceability and h...
To provide a solution to quickly setup a router at a remote location that supports WiFi and provides instant internet access using LTE as a transport while deploying with Cisco SD-WAN.
Plug the router to a power sou...
Hello!I'm looking for a way to make my EEM script more dynamic and automated for my environment. This is what I have - basically I just capture the 4 IPSec peer IP addresses of each neighbor and insert this data into 4 different variables. ...
Hi all,I have a couple of Nexus9k switches. I need to get tcpdump from the physical interface which connected to the server. I'm looking for a specific protocol on tcpdump so that which feature should I use? I asked that because I couldn't full...